United States and Securities Exchange (SEC) Chair Gary Gensler claimed the federal agency takes its “cybersecurity obligations seriously” in a February 6 letter following last month’s SIM swap attack.
The letter was drafted as a response to House Republicans who previously scrutinized Gensler’s handling of a SIM swap attack that caused a fraudulent post on the SEC’s X account regarding the status of spot Bitcoin ETF approvals early last month.
Gensler Lays Out The January SIM Swap Attack
In the letter, Gensler listed a complete timeline of the SIM swap attack while assuring that “the SEC takes its cybersecurity operations seriously.”
“Among other things, law enforcement is currently investigating how the unauthorized party got the carrier to change the SIM for the account and how the party knew which phone number was associated with the account,” the SEC Chair wrote. “SEC staff continue to assess the scope of the incident and coordinate with all of our law enforcement partners.”
The SEC has yet to be able to identify the unauthorized party behind the attack, however.
House Republicans Push Back Against Gensler
We can confirm that the account @SECGov was compromised and we have completed a preliminary investigation. Based on our investigation, the compromise was not due to any breach of X’s systems, but rather due to an unidentified individual obtaining control over a phone number…
— Safety (@Safety) January 10, 2024
House Republicans’ original letter, signed by Congressmen Patrick McHenry (NC-10), Bill Huezing (MI-04), French Hill (AR-02), and Ann Wagner (MO-02) heavily criticized Gensler for his irresponsibility.
“According to X’s preliminary investigation, the SEC account did not have two-factor authentication enabled, and an unidentified individual obtained control of a phone number associated with the SEC’s account,” the congressional Republicans’ letter read. “This failure is unacceptable, and it is disturbing that your agency could not even meet the standard you require of private industry.”
Gary Gensler the Center of Criticism
Gary Gensler is under heavy criticism. Republican senators also drafted a letter of their own criticizing him for the SEC’s tactics during the DEBT Box case.
“We are greatly concerned by the Commission’s conduct in this case,” the senators wrote. “It is unconscionable that any federal agency—especially one regularly involved in highly consequential legal procedures and one that, under your leadership, has often pursued its regulatory mission through enforcement actions rather than rulemakings—could operate in such an unethical and unprofessional manner.”
Despite the congressional communication, whether or not the SEC will be able to track the SIM swap attacker down is unknown.
“I understand that the SEC’s Office of Legislative and Intergovernmental Affairs arranged a briefing on January 17 for your staff concerning the X incident and addressing the questions raised in your letter,” Gensler wrote to House Republicans. “SEC staff remains available to answer any additional questions you may have.”
The post SEC Takes Cybersecurity “Seriously,” Gensler Says in New Letter appeared first on Cryptonews.